RHSA-2014:1724: Important: kernel security and bug fix update

First published: Tue Oct 28 2014(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>Security fixes:<br><li> A race condition flaw was found in the way the Linux kernel's KVM</li> subsystem handled PIT (Programmable Interval Timer) emulation. A guest user<br>who has access to the PIT I/O ports could use this flaw to crash the host.<br>(CVE-2014-3611, Important)<br><li> A NULL pointer dereference flaw was found in the way the Linux kernel's</li> Stream Control Transmission Protocol (SCTP) implementation handled<br>simultaneous connections between the same hosts. A remote attacker could<br>use this flaw to crash the system. (CVE-2014-5077, Important)<br><li> It was found that the Linux kernel's KVM subsystem did not handle the VM</li> exits gracefully for the invept (Invalidate Translations Derived from EPT)<br>and invvpid (Invalidate Translations Based on VPID) instructions. On hosts<br>with an Intel processor and invept/invppid VM exit support, an unprivileged<br>guest user could use these instructions to crash the guest. (CVE-2014-3645,<br>CVE-2014-3646, Moderate)<br><li> A use-after-free flaw was found in the way the Linux kernel's Advanced</li> Linux Sound Architecture (ALSA) implementation handled user controls. A<br>local, privileged user could use this flaw to crash the system.<br>(CVE-2014-4653, Moderate)<br>Red Hat would like to thank Lars Bull of Google for reporting<br>CVE-2014-3611, and the Advanced Threat Research team at Intel Security for<br>reporting CVE-2014-3645 and CVE-2014-3646.<br>Bug fixes:<br><li> A known issue that could prevent Chelsio adapters using the cxgb4 driver</li> from being initialized on IBM POWER8 systems has been fixed. These<br>adapters can now be used on IBM POWER8 systems as expected. (BZ#1130548)<br><li> When bringing a hot-added CPU online, the kernel did not initialize a</li> CPU mask properly, which could result in a kernel panic. This update<br>corrects the bug by ensuring that the CPU mask is properly initialized and<br>the correct NUMA node selected. (BZ#1134715)<br><li> The kernel could fail to bring a CPU online if the hardware supported</li> both, the acpi-cpufreq and intel_pstate modules. This update ensures that<br>the acpi-cpufreq module is not loaded in the intel_pstate module is<br>loaded. (BZ#1134716)<br><li> Due to a bug in the time accounting of the kernel scheduler, a divide</li> error could occur when hot adding a CPU. To fix this problem, the kernel<br>scheduler time accounting has been reworked. (BZ#1134717)<br><li> The kernel did not handle exceptions caused by an invalid floating point</li> control (FPC) register, resulting in a kernel oops. This problem has been<br>fixed by placing the label to handle these exceptions to the correct place<br>in the code. (BZ#1138733)<br><li> A previous change to the kernel for the PowerPC architecture changed</li> implementation of the compat_sys_sendfile() function. Consequently, the<br>64-bit sendfile() system call stopped working for files larger than 2 GB<br>on PowerPC. This update restores previous behavior of sendfile() on<br>PowerPC, and it again process files bigger than 2 GB as expected.<br>(BZ#1139126)<br><li> Previously, the kernel scheduler could schedule a CPU topology update</li> even though the topology did not change. This could negatively affect the<br>CPU load balancing, cause degradation of the system performance, and<br>eventually result in a kernel oops. This problem has been fixed by<br>skipping the CPU topology update if the topology has not actually changed.<br>(BZ#1140300)<br><li> Previously, recovery of a double-degraded RAID6 array could, under</li> certain circumstances, result in data corruption. This could happen<br>because the md driver was using an optimization that is safe to use only<br>for single-degraded arrays. This update ensures that this optimization is<br>skipped during the recovery of double-degraded RAID6 arrays. (BZ#1143850)<br>All kernel users are advised to upgrade to these updated packages, which<br>contain backported patches to correct these issues. The system must be<br>rebooted for this update to take effect.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• agent/weakness
• collector/redhat-errata
• anchor-id/RHSA-2014:1724
• package-manager/redhat